United States Patent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark Office 
Address: COMMISSIONER FOR PATENTS 
P.O. Box 1450 

Alexandria, Virginia 223 1 3- 1 450 
www.uspto.gov 



APPLICATION NO. 



FILING DATE 



FIRST NAMED INVENTOR 



ATTORNEY DOCKET NO. 



CONFIRMATION NO. 



09/945,273 



08/30/2001 



Shinako Matsuyama 



26263 7590 04/05/2005 

SONNENSCHEIN NATH & ROSENTHAL LLP 
P.O. BOX 061080 

WACKER DRIVE STATION, SEARS TOWER 
CHICAGO, IL 60606-1080 



09792909-5135 



3839 



EXAMINER 



ELMORE, JOHN E 



ART UNIT 



PAPER NUMBER 



2134 

DATE MAILED: 04/05/2005 



Please find below and/or attached an Office communication concerning this application or proceeding. 



PTO-90C (Rev. 10/03) 



Office Action Summary 


Application No. 

09/945,273 


Appiicant(s) 

MATSUYAMA ET AL. 


Examiner 

John Elmore 


Art Unit 

2134 





The MAILING DATE of this communication appears on the cover sheet with the correspondence address ~ 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 , 1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

• If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply Is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b), 

Status 

1 )^ Responsive to communication(s) filed on 30 August 2001 . 
2a)D This action is FINAL. 2b)^| This action is non-final. 

3) Q Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-29 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) E3 Claim(s) 1-29 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) Q The specification is objected to by the Examiner. 

10)H The drawing(s) filed on 30 August 2001 is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1 .121 (d). 
1 1 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-1 52. 

Priority under 35 U.S.C. § 119 

12)^ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)KI All b)D Some * c)D None of: 

1 Certified copies of the priority documents have been received. 

2.D Certified copies of the priority documents have been received in Application No. . 

30 Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



Attachment(s) 

1 ) S Notice of References Cited (PTO-892) 

2) [Zl Notice of Draftsperson's Patent Drawing Review (PTO-948) 

3) □ Information Disclosure Statement(s) (PTO-1449 or PTO/SB/08) 

Paper No(s)/Mail Date . 



4) □ Interview Summary (PTO-413) 

Paper No(s)/Mail Date. . 

5) d Notice of Informal Patent Application (PTO-152) 

6) □ Other: . 



U.S. Patent and Trademark Office 
PTOL-326 (Rev. 1-04) 



Office Action Summary 



Part of Paper No./Mail Date 03092005 



Application/Control Number: 09/945,273 Page 2 

Art Unit: 2134 

DETAILED ACTION 



1 . Claims 1-29 have been examined. 

Claim Rejections - 35 USC §112 

The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

1 . Claim 14 is rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

The term "a card" (line 8) in claim 14 is a relative term which renders the claim 
indefinite. The term "a card" is not defined by the claim, the specification does not 
provide a standard for ascertaining the requisite degree, and one of ordinary skill in the 
art would not be reasonably apprised of the scope of the invention. In the interest of 
compact prosecution, this limitation subsequently is ignored. 

Claim Rejections - 35 USC § 102 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

2. Claims 1-3, 10-13, 15-17, 24-27 and 29 are rejected under 35 U.S.C. 102(b) as 

being anticipated by Ginter et al. (US 5,892,900), hereafter Ginter. 
Regarding claim 1, Ginter discloses a system comprising: 
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an identification certificate containing a template serving as identification data of 
a user receiving a content (col. 42, lines 4-14; col. 212, lines 3-16); 

container information in which a content transaction condition is set including an 
identification certificate identifier list associating with said identification certificate (col. 
135, lines 20-43): 

a content key for enciphering a content (col. 223, lines 5-1 1 ); 

a secure container (container 302; VDE container/logical object structure 800; 
traveling object 860; col. 59, lines 8-15; col. 134, lines 29-58) including the content 
enciphered with the content key and said container information (col. 135, lines 5-63); 

a content distributor (106) for distributing the content by moving said secure 
container (col. 17, lines 42-48; col. 55, lines 63-67); 

at least one user device (content user 112 accessing content with electronic 
appliance 600) for transacting the content with said content distributor (col. 61 , lines 19- 
21; col. 62, lines 32-50), 

whereby user authentication is performed in accordance with the identification 
certificate identified on the basis of the identification certificate identifier list when said 
secure container is moved, so that the content usable on said user device is distributed 
with content transaction managed (col. 42, lines 4-14, and col. 212, lines 10-16). 

Regarding claim 2, Ginter teaches all the limitations of claim 1 , and further 
teaches that said identification certificate is issued by an identification authority, third 
party organization (col. 21 1 , lines 39-49). 
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* Regarding claim 3, Ginter teaches all the limitations of claim 1 , and further 
teaches said container information further includes data in which the condition of 
secondary distribution is set, the secondary distribution redistributing the content after 
first distribution (col. 24, line 54, through col. 25, line 27). 

Regarding claim 10, Ginter teaches all the limitations of claim 1, and further 
teaches said container information further includes data for permitting content use, 
including reproduction and copying, thereby allowing said user device receiving the 
secure container to use the content under the restriction of content use in accordance 
with the data for permitting content use (col. 58, lines 23-27 and 64-67; col. 59, lines - 
15; col. 134, lines 15-23; and col. 1325, lines 35-50). 

Regarding claim 11, Ginter teaches all the limitations of claim 1, and further 
teaches that said secure container further includes a digital signature provided by a - 
secure container producer (col. 8, lines -7; col. 22, lines 5-8; col. 135, lines 20-34; col. 
202, lines 41-47; and col. 203, lines 28-35). 

Regarding claim 12, Ginter teaches all the limitations of claim 1, and further 
teaches that the identification certificate identifier list includes data associating an 
identifier of a content user with an identification certificate identifier of the user (col. 1 35, 
lines 20-34). 

Regarding claim 13, Ginter teaches all the limitations of claim 1, and further 
teaches that 

said content distributor is a service provider (Fig. 2; col. 7, lines 45-57; col. 56, 
lines 47-55) and 
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said at least one user device comprising a plurality of user devices (col. 1 1 , lines 
36-40), 

each of the service provider and the user devices performing content transaction 
having an encryption processing unit (col. 14, lines 27-48, and col. 21, line 60, through 
col. 22, line 25), and 

the user devices authenticate one another when data are transmitted 
therebetween, subsequently a data-transmitting user device generating a digital 
signature to data to be transmitted, and a data-receiving user device verifying the digital 
signature (container/VDE objects sent between users/PPEs are authenticated using 
digital signtatures; col. 22, lines 5-8; and col. 227, lines 46-52, referring to the digital 
signature authentication process described from col. 225, line 61, through col. 227, line 
42). 

Regarding claims 15-17, 24 and 25, these are a method version of the claimed 
system discussed above (claims 1-3, 10 and 13), wherein all claim limitations have 
been addressed. Thus, for the reasons provided above, such claims also are 
anticipated. 

Regarding claims 26 and 27, these are an information-processing-apparatus 
version of the claimed system discussed above (claims 1 and 7), wherein all claim 
limitations have been addressed. Thus, for the reasons provided above, such claims 
also are anticipated. 
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Regarding claim 29, this is a medium-for-computer-program version of the 
claimed system discussed above (claim 1 ), wherein all claim limitations have been 
addressed. Thus, for the reasons provided above, such a claim also is anticipated. 



Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

3. Claims 4-9, 14, 18-23 and 28 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Ginter et al. (US 5,892,900), hereafter Ginter, in view of Bianco et al. 
(US 6,256,737), hereafter Bianco. 

Regarding claim 4, Ginter teaches all the limitations of claim 1 , and further 
teaches that 

said content distributor is a service provider distributing said secure container 
(Fig. 2; col. 7, lines 45-57; col. 56, lines 47-55), 

the service provider authenticating a user of said user device receiving said 
secure container, subsequently allowing the content to be used on said user device, 
provided that the user has been authenticated (col. 12, lines 31-38; col. 21 , lines 46-59; 
col. 212, lines 3-16). 
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But Ginter does not explicitly explain that authenticating a user is performed by 
comparing the template contained in said identification certificate identified on 
the basis of the identification certificate identifier list with sampling information input by 
the user. 

However, Bianco teaches a user authentication system wherein a service 
provider (biometric server 104) authenticates a user (at computer 208) by comparing a 
template contained in an identification certificate (biometric template 502) identified on 
the basis of an identification certificate identifier list (stored biometric data) with 
sampling information ("live" biometric data) input by the user (col. 25, lines 31-40 and 
50-53) for the purpose of providing more effective authentication of users seeking 
access to resources on a network (col. 6, lines 35-40; col. 1 1 , line 66, through col. 12, 
line 7), including electronic content (col. 21, lines 9-11). 

Therefore, it would be obvious to a person of ordinary skill in the computer art at 
the time the invention was made to modify the system of Ginter with the teaching of 
Bianco such that the service provider authenticates a user of said user device receiving 
said secure container through comparing the template contained in said identification 
certificate identified on the basis of the identification certificate identifier list with 
sampling information input by the user. One would be motivated to do so in order to 
provide more effective authentication of users seeking access to resources on a 
network, particularly electronic content. 

Regarding claim 5, this claim is the same as the modified invention of Ginter 
and Bianco as applied to claim 4, with the additional limitation for which Ginter teaches 
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that upon authentication of the user the service provider subsequently distributes said 
content key with which the content contained in said secure container was enciphered 
(content key distributed via permissions record/PERC object 808 upon user 
authentication; col. 158, lines 58-65; col. 217, line 51, through, col. 218, line 11; col. 
222, lines 41-49; col. 223, lines 6-11). Therefore, for reasons given above, such a claim 
also would have been obvious. 

Regarding claim 6, Ginter teaches all the limitations of claim 1 , and further 
teaches that 

said content distributor is a service provider distributing said secure container 
(Fig. 2; col. 7, lines 45-57; col. 56, lines 47-55), subsequently allowing the content to be 
used on said user device, provided that the user has been authenticated (col. 12, lines 
31-38; col. 21, lines 46-59; col. 212, lines 3-16). 

But Ginter does not explicitly explain that said user device receiving said secure 
container authenticates a user thereof by comparing the template contained in the 
identification certificate identified on the basis of the identification certificate identifier list 
with sampling information input by the user, subsequently informing the service provider 
of the user authentication result. 

However, Bianco teaches a user authentication system wherein a user device 
receiving a secure container (computer 208 with biometric device object 722) 
authenticates a user thereof by comparing a template contained in an identification 
certificate (biometric template 502) identified on the basis of an identification certificate 
identifier list (stored biometric data) with sampling information ("live" biometric data) 
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input by the user (col. 25, lines 31-40 and 48-50) for the purpose of providing more 
effective authentication of users seeking access to resources on a network (col. 6, lines 
35-40; col. 1 1 , line 66, through col. 12, line 7), including electronic content (col. 21 , lines 
9-11). 

The Examiner takes official notice that it would have been obvious to one of 
ordinary skill in the computer art at the time the invention was made for the user device 
to inform the service provider of the user authentication result. Ginter teaches that 
users must be authenticated prior to receipt of a content container (col. 21 , lines 48-59; 
col. 212, lines 10-13; col. 218, lines 5-10) from a service provider. Given that the user 
device performs the user authentication, one of ordinary skill in the computer art at the 
time the invention was made would recognize that the service provider would need to 
be informed of the authentication result so that the content container then would be sent 
to the user device. 

Therefore, it would be obvious to a person of ordinary skill in the computer art at 
the time the invention was made to modify the system of Ginter with the teaching of 
Bianco such that said user device receiving said secure container authenticates a user 
thereof by comparing the template contained in the identification certificate identified on 
the basis of the identification certificate identifier list with sampling information input by 
the user, subsequently informing the service provider of the user authentication result. 
One would be motivated to do so in order to provide more effective authentication of 
users seeking access to resources on a network, particularly electronic content. 
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Regarding claim 7, this claim is the same as the modified invention of Ginter 
and Bianco as applied to claim 6, with the additional limitation, for which Ginter teaches, 
that upon authentication of the user the service provider subsequently distributes said 
secure container with said content key with which the content contained in said secure 
container was enciphered (content key distributed via permissions record/PERC object 
808 upon user authentication; col. 158, lines 58-65; col. 217, line 51, through, col. 218, 
line 11; col. 222, lines 41-49; col. 223, lines 6-11). Therefore, for reasons given above, 
such a claim also would have been obvious. 

Regarding claim 8, Ginter teaches all the limitations of claim 1 , and further 
teaches that 

said content distributor is a service provider distributing said secure container 
(Fig. 2; col. 7, lines 45-57; col. 56, lines 47-55) and 

said at least one user device comprises a plurality of user devices (col. 1 1 , lines 
36-40) and 

said identification certificate being to be used for user authentication performed 
when said secure container is moved between the service provider and a user device 
and between user devices (col. 24, line 54, through col. 25, line 35; col. 42, lines 4-14; 
col. 140, lines 50-54; and col. 212, lines 10-16). 

But Ginter does not explicitly explain that said identification certificate is 
previously contained in the service provider or a user device that is to perform the user 
authentication. 
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However, Bianco teaches a user authentication system supporting a plurality of 
user devices (col. 11, line 66, through col. 12, line 5) wherein an identification certificate 
(biometric template) is previously contained in a service provider (biometric server 104), 
which provides it to a user device (computer 208 with biometric device object 722) that 
performs authentication (col. 25, lines 31-40 and 48-50), for the purpose of providing 
more effective authentication of users seeking access to resources on a network (col. 6, 
lines 35-40; col. 11, line 66, through col. 12, line 7), including electronic content (col. 21, 
lines 9-11). 

Therefore, it would be obvious to a person of ordinary skill in the computer art at 
the time the invention was made to modify the system of Ginter with the teaching of 
Bianco such that said identification certificate is previously contained in the service 
provider or a user device that is to perform the user authentication. One would be 
motivated to do so in order to provide more effective authentication of users seeking 
access to resources on a network, particularly electronic content. 

Regarding claim 9, this claim is the same as the modified invention of Ginter 
and Bianco as applied to claim 8, with the additional limitation, for which Ginter teaches, 
that said identification certificate is acquired from an identification authority, 
identification certificate issuer, by the service provider (col. 210, lines 40-41). 
Therefore, for reasons given above, such a claim also would have been obvious. 

Regarding claim 14, Ginter teaches all the limitations of claim 1, and further 
teaches that the template 
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But Ginter does not explain that the template includes at least one piece of 
information selected from among personal biotic information, including fingerprint 
information, retina pattern information, iris pattern information, voice print information 
and handwriting information, and a non-biotic information including a seal, a passport, a 
driver's license; or any combination of the biotic and non-biotic information and a 
password. 

However, Bianco further teaches a system wherein a template contains biotic 
(biometric) data (col. 8, lines 11-13; col. 12, lines 54-57; col. 17, lines 44-46) and non- 
biotic data (e.g. user ID; col. 18, lines 48-49; col. 19, lines 24-40) for the purpose of 
providing more effective authentication of users seeking access to resources on a 
network (col. 6, lines 35-40; col. 11, line 66, through col. 12, line 7), including electronic 
content (col. 21 , lines 9-1 1 ). 

Therefore, it would be obvious to a person of ordinary skill in the computer art at 
the time the invention was made to modify the system of Ginter with the teaching of 
Bianco such that the template includes at least one piece of information selected from 
among personal biotic information, including fingerprint information, retina pattern 
information, iris pattern information, voice print information and handwriting information, 
and a non-biotic information including a seal, a passport, a driver's license; or any 
combination of the biotic and non-biotic information and a password. One would be 
motivated to do so in order to provide more effective authentication of users seeking 
access to resources on a network, particularly electronic content. 
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Regarding claims 18-23, these are a method version of the claimed system 
discussed above (claims 4-9), wherein all claim limitations have been addressed. Thus, 
for the reasons provided above, such claims also would have been obvious. 

Regarding claim 28, this is an information-processing-apparatus version of the 
claimed system discussed above (claim 4), wherein all claim limitations have been 
addressed. Thus, for the reasons provided above, such a claim also would have been 
obvious. 

Conclusion 

The prior art made of record and not relied upon is considered pertinent to 
applicants disclosure. 

Dulude et al. (US 6,310,966) discloses a system for user authentication that 
employs biometric data stored in an identification certificate. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to John Elmore whose telephone number is 571-272-4224. 
The examiner can normally be reached on M 10-8, T-Th 9-7. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Greg Morse can be reached on 571-272-3838. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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